package com.example.meetingbook.interceptor;

import com.example.meetingbook.model.Employee;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * @author 麦健豪
 * @date 2021/12/24 17:47
 */
public class PermissInterceptor implements HandlerInterceptor {
    AntPathMatcher pathMatcher = new AntPathMatcher();

    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //getRequestURI
        String requestURI = request.getRequestURI();


        if ("/".equals(requestURI) || "/doLogin".equals(requestURI) || "/register".equals(requestURI) || "/doReg".equals(requestURI)) {
            return true;
        }

        HttpSession session = request.getSession(true);
        //获取当前用户
        Employee currentuser = (Employee) session.getAttribute("currentuser");


        if (pathMatcher.match("/admin/**", requestURI)) {
            if (currentuser != null) {
                if (currentuser.getRole() == 2) {
                    return true;
                } else {
                    response.getWriter().write("权限不足");
                    return false;
                }
            }
        } else {
            if (currentuser != null) {
                return true;
            }
        }

        response.sendRedirect("/");

        return false;
    }
}